Application and Infrastructure Architecture Checklist - Internal

Application and Infrastructure Architecture
V1 Latest version 11/11/2015
APPLICATION AND INFRASTRUCTURE ARCHITECTURE:
INTERNALLY HOSTED SYSTEM CHECKLIST
Project Name:
Click here to enter text.
Product Name:
Click here to enter text.
Completed By:
Click here to enter text.
Last Updated on:
Click here to enter a date.
This checklist should be completed by the project technical lead, in conjunction with the supplier, for
systems that are anticipated to be internally hosted by IMT on behalf of the School.
It is a living document, which should develop with the project.
At key stages the questionnaire should be sent to the Information Security Team for signoff.
This should be at least:
1. During the Design phase of the project.
2. Before completion and rollout.
Systems hosted in the cloud should use the Cloud Questionnaire.
Principle / Type
Check
/
Comments
AUTHENTICATION
Active Directory
LDAP (with secure pass through to AD)
Kerberos (with secure trust to AD)
Shibboleth/ADFS/CAS
External Collaboration Access Framework
(Fast provisioning of accounts for external
collaborators)
Exception Required?
-
AUTHORISATION & ACCESS CONTROL
Security Groups
IP Access Control List
DMZ/Zoning
Security Bubble
Exception Required?
THIRD PARTY REMOTE ACCESS TO SYSTEMS AND DATA
Jumphost via remote.lse.ac.uk
Pulse client via remote.lse.ac.uk
Site-to-Site VPN
SSH via SSH Gateway
Exception Required?
-
ADMINISTRATIVE (LSE STAFF) ACCESS
IP access control list
SSH
Remote Desktop
Jumphost via remote.lse.ac.uk
Network zone
Internal only
Confidential to LSE
November 2015
Exception Required?
SERVER OPERATING SYSTEMS
MS Windows Server
Linux (specify)
Exception Required?
-
DATA STORAGE
SAN based
Disk enclosure
NAS
Local storage
CIFS file share (Windows)
NFS file share (Linux)
Exception Required?
-
DATA MANAGEMENT
Backup required
Archive/retention period
DATABASE TECHNOLOGY
Microsoft SQL Server
Oracle
MySQL
Exception Required?
-
DATA INTERCHANGE & STANDARDS
XML
SOAP
Flat / CSV data files
Database Links
Exception Required?
SOA TECHNOLOGIES
Shared Services (SOA/Web)
WSDL
Messaging (XML/BPEL)
Service Bus Facilities
Service Registration
Exception Required?
-
WEB APPLICATION SERVER TECHNOLOGIES
Microsoft IIS and associated technologies
(ASP.NET – MVC Framework, AJAX,
Silverlight)
Apache, JSP
PHP
Java and Tomcat
RabbitMQ
HTML – v4, v5 or XHTML
Exception Required?
DESKTOP OPERATING SYSTEMS
Microsoft Windows
Apple MacOS
Linux (specify)
Exception Required?
-
MOBILE DEVICE SUPPORT
Apple iOS
Google Android
Windows Phone
Exception Required?
-
WEB BROWSER SUPPORT
Microsoft Internet Explorer
Mozilla Firefox
Apple Safari
Google Chrome
Exception Required?
-
SECURITY
Externally facing service (requiring DMZ)
Internally-facing service, but which AD users
will need to access from outside (i.e. via
remote.lse.ac.uk SSL VPN)
Other user access requirements (describe)
Web log in / data input under SSL certificate
Application communications / traffic
encrypted
Servers located in appropriate firewall
protected network zones
Conforms to School security policies and
practices
Security audit completed and action plan
agreed
Exception Required?
-
FUTUREPROOFING
Does the application / system have an
upgrade path?
Does the application / system rely on any
programs that cannot be updated (e.g. Java
versions etc)?
Does the application / system support
operating system upgrades and updates?
Is the supplier responsible for installing any
updates?
WEB BRANDING AND ACCESSIBILITY
Site branding and ‘look and feel’ approved by
IMT Communications Manager
European Web Content Accessibility
Guidelines (WCAG) compliant
Exception Required?
-
EXCEPTION STATEMENT
If any of the ‘Exception Required?’ sections are completed above please supply a brief statement
outlining the need for such an exception below. Please include details of where and with whom the
exception(s) has been discussed:
Click here to enter text.